SlideShare a Scribd company logo

Understanding the container landscape and it associated projects

Download as PPTX, PDF
Anthony Chow
Anthony Chow

Slide deck for OpenStack Austin Summit vBrownBag TechTalk

Technology
1 of 25
Anthony Chow Twitter: @vCloudernBeer Blog: http://cloudn1n3.blogspot.com/ April 25, 2016 OpenStack Austin Summit vBrownBag TechTalk
 Blog posts  Books  Ecosystem announcements  Webinar  Conferences  Local Meetups  Your boss wants to deploy container related technologies.  You want to get into this technology for more $$$$ or a “better” job.
 FreeBSD Jails (back in 2000)  Imctfy (Google’s version of container)  LXC (technology that Docker build upon)  Docker: “Build Ship Run”
 Namespaces  Current view of PID, network, IPC, MNT and UTS  Linux namespaces provides isolations for each container. Applications or process inside a container do not have access outside of the namespaces that the container is in.  Control groups/cgroups  Kernel function used to control access rights.  While namespaces provides access isolation, the control groups limits the hardware resources that the container can access. One example of control groups is to limit the memory available for the container for say 256 MBs.  AUFS  This is how containers are made to be light weighted. Linux kernel first mounts the root system read-only and then change to read-write. With the union mount, instead of changing from read-only to read-write, a read-write file system is layered on top of the read-only based Filesystem. Union mean to layer read-write with read-only layers.
 Docker Client  Accept commands from the user and communicate with the server/daemon  Docker Server/Daemon  Building the Docker container from the images that are stored in the Docker Registry  Docker container  Base unit where the application runs on  Similar to a Virtual Machine  Default base moving from Ubuntu to Alpine for smaller footprint  Dockerfile  a configuration file with build instructions for Docker images  Docker image  Building block of container  Docker Registry  Location where the Docker images are stored  Public registry – access by everyone  Private registry – access by specific team or organization.
 Docker Hub  Quay Container Registry  Amazon Container Registry  Google Container Registry
 Container image format  Docker – appC  CoreOS – Rocker (rkt)
 CoreOS  RacherOS  Ubuntu Snappy  Red Hat Atomic  VMware photon  Microsoft Nano Server
 Open Container Initiative  OCI Runtime Specification  OCI Image Format Specification
 Microservices  Container runs in groups and on distributed hosts as service  Containers “come and go”  Not practical to hardcode port number.  Distributed key-value store  Common tool for service discovery  Zookeeper  Etcd  Consul
 Containers needs network traffic isolation for multi-tenants  Number of addressable end-point drastically increases  Immutable infrastructure – container is created and destroyed on different hosts constantly  Networking solutions for containers  Libnetwork (since rev 1.9)  Weave  Flannel (CoreOS)  IPvlan
 A new security requirements created by container based infrastructure.  Docker container used to run as “root”  Common form of security solutions for containers:  Discretionary Access Control (DAS)  Seccomp  SELinux (Mandatory Access Control – MAC)  Microsegmentation solution from VMware and Cisco
 Stateless container  Stateful container  Persistent Storage  Default: data reside inside the container  Docker Volume Driver (rev 1.8)  Convoy: a Docker storage driver  Flocker: container data volume manager
 “To deploy container is one thing, architect a container solution is not so simple?  Common container orchestration tools:  Docker Swarm  Kubernetes  Apache Mesos  Redhat Atomic  CoreOS Fleet
 Provides an Docker container orchestration platform using OpenStack as a infrastructure  Key concept: Container Orchestration Engine  Docker Swarm  Kubernetes  Apache Mesos  Able to interface with Docker client and Kubernetes client
 “provides production-ready containers and deployment tools for operating OpenStack clouds that are scalable, fast, reliable, and upgradable using community best practices.” – OpenStack Wiki  running OpenStack service as a container
 “bring containers and Docker networking specifically to use and leverage solutions and services in Neutron” – superuser.openstack.org  Kuryr is Czech for "courier."
 “a distributed control plane implementation of Neutron” – superuser.openstack.org  Dragonflow is going to support use cases of nested containers inside a VM without the need to introduce another layer of overlay abstraction. We are going to support various different modes to deploy this and have full integration with project Kuryr.
 Container technology is here to stay along with virtual machines  More and more OpenStack project is embracing this container technology to solve different problems.  We need to stay relevant and keep up with the container technology.  Get a clearer picture of the container landscape.
Have a joyful and fruitful conference @vCloudernBeer

Recommended

Docker Architecture
Docker ArchitectureDocker Architecture
Docker ArchitectureMohammadreza Amini
 
Docker architecture(version modified)
Docker architecture(version modified)Docker architecture(version modified)
Docker architecture(version modified)Mohammadreza Amini
 
Docker architecture (version modified)
Docker architecture (version modified)Docker architecture (version modified)
Docker architecture (version modified)Amir Arsalan
 
Containerized Delivery on the Microsoft Stack
Containerized Delivery on the Microsoft StackContainerized Delivery on the Microsoft Stack
Containerized Delivery on the Microsoft StackCornell Knulst
 
Quick Trip with Docker
Quick Trip with DockerQuick Trip with Docker
Quick Trip with DockerVenkata Naga Ravi
 
Docker architecture-05
Docker architecture-05Docker architecture-05
Docker architecture-05Mohammadreza Amini
 
Release Management with Docker - Dutch Microsoft ALM Group
Release Management with Docker - Dutch Microsoft ALM GroupRelease Management with Docker - Dutch Microsoft ALM Group
Release Management with Docker - Dutch Microsoft ALM GroupCornell Knulst
 
Docker - the what why and hows
Docker - the what why and howsDocker - the what why and hows
Docker - the what why and howsSouvik Maji
 

Recommended

Docker Architecture
Docker ArchitectureDocker Architecture
Docker ArchitectureMohammadreza Amini
 
Docker architecture(version modified)
Docker architecture(version modified)Docker architecture(version modified)
Docker architecture(version modified)Mohammadreza Amini
 
Docker architecture (version modified)
Docker architecture (version modified)Docker architecture (version modified)
Docker architecture (version modified)Amir Arsalan
 
Containerized Delivery on the Microsoft Stack
Containerized Delivery on the Microsoft StackContainerized Delivery on the Microsoft Stack
Containerized Delivery on the Microsoft StackCornell Knulst
 
Quick Trip with Docker
Quick Trip with DockerQuick Trip with Docker
Quick Trip with DockerVenkata Naga Ravi
 
Docker architecture-05
Docker architecture-05Docker architecture-05
Docker architecture-05Mohammadreza Amini
 
Release Management with Docker - Dutch Microsoft ALM Group
Release Management with Docker - Dutch Microsoft ALM GroupRelease Management with Docker - Dutch Microsoft ALM Group
Release Management with Docker - Dutch Microsoft ALM GroupCornell Knulst
 
Docker - the what why and hows
Docker - the what why and howsDocker - the what why and hows
Docker - the what why and howsSouvik Maji
 
Containerization & Docker - Under the Hood
Containerization & Docker - Under the HoodContainerization & Docker - Under the Hood
Containerization & Docker - Under the HoodImesha Sudasingha
 
Docker 101 for "The Core of Microservice Architecture"
Docker 101 for "The Core of Microservice Architecture"Docker 101 for "The Core of Microservice Architecture"
Docker 101 for "The Core of Microservice Architecture"enyert
 
Performance comparison between Linux Containers and Virtual Machines
Performance comparison between Linux Containers and Virtual MachinesPerformance comparison between Linux Containers and Virtual Machines
Performance comparison between Linux Containers and Virtual MachinesSoheila Dehghanzadeh
 
Docker training
Docker trainingDocker training
Docker trainingKiran Kumar
 
Kubernetes Basics
Kubernetes BasicsKubernetes Basics
Kubernetes BasicsAntonin Stoklasek
 
Revolutionizing the cloud with container virtualization
Revolutionizing the cloud with container virtualizationRevolutionizing the cloud with container virtualization
Revolutionizing the cloud with container virtualizationWSO2
 
Docker Container Introduction
Docker Container IntroductionDocker Container Introduction
Docker Container IntroductionInnfinision Cloud and BigData Solutions
 
Microservices, Containers and Docker
Microservices, Containers and DockerMicroservices, Containers and Docker
Microservices, Containers and DockerIoannis Papapanagiotou
 
Docker Global Hack Day #3
Docker Global Hack Day #3 Docker Global Hack Day #3
Docker Global Hack Day #3 Docker, Inc.
 
LXD: The hypervisor that isn't
LXD: The hypervisor that isn'tLXD: The hypervisor that isn't
LXD: The hypervisor that isn'ttych0
 
Containers in the Cloud
Containers in the CloudContainers in the Cloud
Containers in the CloudJames Darrell Pratt
 
Rebuild presentation during Docker's Birthday party
Rebuild presentation during Docker's Birthday partyRebuild presentation during Docker's Birthday party
Rebuild presentation during Docker's Birthday partyYan Vugenfirer
 
Container security
Container securityContainer security
Container securityAnthony Chow
 
Docker introduction for Carbon IT
Docker introduction for Carbon ITDocker introduction for Carbon IT
Docker introduction for Carbon ITyannick grenzinger
 
LXC NSAttach
LXC NSAttachLXC NSAttach
LXC NSAttachDarshan Parmar
 
Docker, Innovation Accelerator
Docker, Innovation AcceleratorDocker, Innovation Accelerator
Docker, Innovation AcceleratorDocker, Inc.
 
Linux containers
Linux containersLinux containers
Linux containersindikadias
 
Docker container a-brief_introduction_2016-01-30
Docker container a-brief_introduction_2016-01-30Docker container a-brief_introduction_2016-01-30
Docker container a-brief_introduction_2016-01-30Khelender Sasan
 
Securing OpenStack and Beyond with Ansible
Securing OpenStack and Beyond with AnsibleSecuring OpenStack and Beyond with Ansible
Securing OpenStack and Beyond with AnsibleMajor Hayden
 
Docker basics
Docker basicsDocker basics
Docker basicsClaudio Montoya
 
Containerize! Between Docker and Jube.
Containerize! Between Docker and Jube.Containerize! Between Docker and Jube.
Containerize! Between Docker and Jube.Henryk Konsek
 
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...Building Distributed Systems without Docker, Using Docker Plumbing Projects -...
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...Patrick Chanezon
 

More Related Content

What's hot

Containerization & Docker - Under the Hood
Containerization & Docker - Under the HoodContainerization & Docker - Under the Hood
Containerization & Docker - Under the HoodImesha Sudasingha
 
Docker 101 for "The Core of Microservice Architecture"
Docker 101 for "The Core of Microservice Architecture"Docker 101 for "The Core of Microservice Architecture"
Docker 101 for "The Core of Microservice Architecture"enyert
 
Performance comparison between Linux Containers and Virtual Machines
Performance comparison between Linux Containers and Virtual MachinesPerformance comparison between Linux Containers and Virtual Machines
Performance comparison between Linux Containers and Virtual MachinesSoheila Dehghanzadeh
 
Revolutionizing the cloud with container virtualization
Revolutionizing the cloud with container virtualizationRevolutionizing the cloud with container virtualization
Revolutionizing the cloud with container virtualizationWSO2
 
Docker Global Hack Day #3
Docker Global Hack Day #3 Docker Global Hack Day #3
Docker Global Hack Day #3 Docker, Inc.
 
LXD: The hypervisor that isn't
LXD: The hypervisor that isn'tLXD: The hypervisor that isn't
LXD: The hypervisor that isn'ttych0
 
Rebuild presentation during Docker's Birthday party
Rebuild presentation during Docker's Birthday partyRebuild presentation during Docker's Birthday party
Rebuild presentation during Docker's Birthday partyYan Vugenfirer
 
Container security
Container securityContainer security
Container securityAnthony Chow
 
Docker introduction for Carbon IT
Docker introduction for Carbon ITDocker introduction for Carbon IT
Docker introduction for Carbon ITyannick grenzinger
 
Docker, Innovation Accelerator
Docker, Innovation AcceleratorDocker, Innovation Accelerator
Docker, Innovation AcceleratorDocker, Inc.
 
Linux containers
Linux containersLinux containers
Linux containersindikadias
 
Docker container a-brief_introduction_2016-01-30
Docker container a-brief_introduction_2016-01-30Docker container a-brief_introduction_2016-01-30
Docker container a-brief_introduction_2016-01-30Khelender Sasan
 
Securing OpenStack and Beyond with Ansible
Securing OpenStack and Beyond with AnsibleSecuring OpenStack and Beyond with Ansible
Securing OpenStack and Beyond with AnsibleMajor Hayden
 

What's hot (20)

Containerization & Docker - Under the Hood
Containerization & Docker - Under the HoodContainerization & Docker - Under the Hood
Containerization & Docker - Under the Hood
 
Docker 101 for "The Core of Microservice Architecture"
Docker 101 for "The Core of Microservice Architecture"Docker 101 for "The Core of Microservice Architecture"
Docker 101 for "The Core of Microservice Architecture"
 
Performance comparison between Linux Containers and Virtual Machines
Performance comparison between Linux Containers and Virtual MachinesPerformance comparison between Linux Containers and Virtual Machines
Performance comparison between Linux Containers and Virtual Machines
 
Docker training
Docker trainingDocker training
Docker training
 
Kubernetes Basics
Kubernetes BasicsKubernetes Basics
Kubernetes Basics
 
Revolutionizing the cloud with container virtualization
Revolutionizing the cloud with container virtualizationRevolutionizing the cloud with container virtualization
Revolutionizing the cloud with container virtualization
 
Docker Container Introduction
Docker Container IntroductionDocker Container Introduction
Docker Container Introduction
 
Microservices, Containers and Docker
Microservices, Containers and DockerMicroservices, Containers and Docker
Microservices, Containers and Docker
 
Docker Global Hack Day #3
Docker Global Hack Day #3 Docker Global Hack Day #3
Docker Global Hack Day #3
 
LXD: The hypervisor that isn't
LXD: The hypervisor that isn'tLXD: The hypervisor that isn't
LXD: The hypervisor that isn't
 
Containers in the Cloud
Containers in the CloudContainers in the Cloud
Containers in the Cloud
 
Rebuild presentation during Docker's Birthday party
Rebuild presentation during Docker's Birthday partyRebuild presentation during Docker's Birthday party
Rebuild presentation during Docker's Birthday party
 
Container security
Container securityContainer security
Container security
 
Docker introduction for Carbon IT
Docker introduction for Carbon ITDocker introduction for Carbon IT
Docker introduction for Carbon IT
 
LXC NSAttach
LXC NSAttachLXC NSAttach
LXC NSAttach
 
Docker, Innovation Accelerator
Docker, Innovation AcceleratorDocker, Innovation Accelerator
Docker, Innovation Accelerator
 
Linux containers
Linux containersLinux containers
Linux containers
 
Docker container a-brief_introduction_2016-01-30
Docker container a-brief_introduction_2016-01-30Docker container a-brief_introduction_2016-01-30
Docker container a-brief_introduction_2016-01-30
 
Securing OpenStack and Beyond with Ansible
Securing OpenStack and Beyond with AnsibleSecuring OpenStack and Beyond with Ansible
Securing OpenStack and Beyond with Ansible
 
Docker basics
Docker basicsDocker basics
Docker basics
 

Similar to Understanding the container landscape and it associated projects

Containerize! Between Docker and Jube.
Containerize! Between Docker and Jube.Containerize! Between Docker and Jube.
Containerize! Between Docker and Jube.Henryk Konsek
 
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...Building Distributed Systems without Docker, Using Docker Plumbing Projects -...
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...Patrick Chanezon
 
Evolution of containers to kubernetes
Evolution of containers to kubernetesEvolution of containers to kubernetes
Evolution of containers to kubernetesKrishna-Kumar
 
HLayer / Docker and its ecosystem
HLayer / Docker and its ecosystemHLayer / Docker and its ecosystem
HLayer / Docker and its ecosystemAymen EL Amri
 
Weave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 RecapWeave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 RecapPatrick Chanezon
 
Containers and Cloud: From LXC to Docker to Kubernetes
Containers and Cloud: From LXC to Docker to KubernetesContainers and Cloud: From LXC to Docker to Kubernetes
Containers and Cloud: From LXC to Docker to KubernetesShreyas MM
 
Dockercon EU 2015 Recap
Dockercon EU 2015 RecapDockercon EU 2015 Recap
Dockercon EU 2015 RecapLee Calcote
 
Docker - Portable Deployment
Docker - Portable DeploymentDocker - Portable Deployment
Docker - Portable Deploymentjavaonfly
 
Backend Master | 3.4.2 Deploy - Docker Introduction
Backend Master | 3.4.2 Deploy - Docker IntroductionBackend Master | 3.4.2 Deploy - Docker Introduction
Backend Master | 3.4.2 Deploy - Docker IntroductionKyunghun Jeon
 

Similar to Understanding the container landscape and it associated projects (20)

Containerize! Between Docker and Jube.
Containerize! Between Docker and Jube.Containerize! Between Docker and Jube.
Containerize! Between Docker and Jube.
 
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...Building Distributed Systems without Docker, Using Docker Plumbing Projects -...
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...
 
Evolution of containers to kubernetes
Evolution of containers to kubernetesEvolution of containers to kubernetes
Evolution of containers to kubernetes
 
SW Docker Security
SW Docker SecuritySW Docker Security
SW Docker Security
 
Docker
Docker Docker
Docker
 
Docker Online Training
Docker Online TrainingDocker Online Training
Docker Online Training
 
Hack the whale
Hack the whaleHack the whale
Hack the whale
 
Reviwe(docker)
Reviwe(docker)Reviwe(docker)
Reviwe(docker)
 
HLayer / Docker and its ecosystem
HLayer / Docker and its ecosystemHLayer / Docker and its ecosystem
HLayer / Docker and its ecosystem
 
paper
paperpaper
paper
 
Docker
DockerDocker
Docker
 
Docker Ecosystem on Azure
Docker Ecosystem on AzureDocker Ecosystem on Azure
Docker Ecosystem on Azure
 
Docker.pptx
Docker.pptxDocker.pptx
Docker.pptx
 
Weave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 RecapWeave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 Recap
 
Docker Dojo
Docker DojoDocker Dojo
Docker Dojo
 
Containers and Cloud: From LXC to Docker to Kubernetes
Containers and Cloud: From LXC to Docker to KubernetesContainers and Cloud: From LXC to Docker to Kubernetes
Containers and Cloud: From LXC to Docker to Kubernetes
 
Dockercon EU 2015 Recap
Dockercon EU 2015 RecapDockercon EU 2015 Recap
Dockercon EU 2015 Recap
 
Docker - Portable Deployment
Docker - Portable DeploymentDocker - Portable Deployment
Docker - Portable Deployment
 
Backend Master | 3.4.2 Deploy - Docker Introduction
Backend Master | 3.4.2 Deploy - Docker IntroductionBackend Master | 3.4.2 Deploy - Docker Introduction
Backend Master | 3.4.2 Deploy - Docker Introduction
 
Docker
DockerDocker
Docker
 

More from Anthony Chow

Build your own Blockchain with the right tool for your application
Build your own Blockchain with the right tool for your applicationBuild your own Blockchain with the right tool for your application
Build your own Blockchain with the right tool for your applicationAnthony Chow
 
Container security
Container securityContainer security
Container securityAnthony Chow
 
Understanding gRPC Authentication Methods
Understanding gRPC Authentication MethodsUnderstanding gRPC Authentication Methods
Understanding gRPC Authentication MethodsAnthony Chow
 
Api security with o auth2
Api security with o auth2Api security with o auth2
Api security with o auth2Anthony Chow
 
Container security
Container securityContainer security
Container securityAnthony Chow
 
V brownbag sept-14-2016
V brownbag sept-14-2016V brownbag sept-14-2016
V brownbag sept-14-2016Anthony Chow
 
Getting over the barrier and start contributing to OpenStack
Getting over the barrier and start contributing to OpenStackGetting over the barrier and start contributing to OpenStack
Getting over the barrier and start contributing to OpenStackAnthony Chow
 
Introduction to go
Introduction to goIntroduction to go
Introduction to goAnthony Chow
 
Micro segmentation – a perfect fit for microservices
Micro segmentation – a perfect fit for microservicesMicro segmentation – a perfect fit for microservices
Micro segmentation – a perfect fit for microservicesAnthony Chow
 
An overview of OpenStack for the VMware community
An overview of OpenStack for the VMware communityAn overview of OpenStack for the VMware community
An overview of OpenStack for the VMware communityAnthony Chow
 
VXLAN in the contemporary data center
VXLAN in the contemporary data centerVXLAN in the contemporary data center
VXLAN in the contemporary data centerAnthony Chow
 
What a Beginner Should Know About OpenStack
What a Beginner Should Know About OpenStackWhat a Beginner Should Know About OpenStack
What a Beginner Should Know About OpenStackAnthony Chow
 

More from Anthony Chow (13)

Build your own Blockchain with the right tool for your application
Build your own Blockchain with the right tool for your applicationBuild your own Blockchain with the right tool for your application
Build your own Blockchain with the right tool for your application
 
Container security
Container securityContainer security
Container security
 
MQTT security
MQTT securityMQTT security
MQTT security
 
Understanding gRPC Authentication Methods
Understanding gRPC Authentication MethodsUnderstanding gRPC Authentication Methods
Understanding gRPC Authentication Methods
 
Api security with o auth2
Api security with o auth2Api security with o auth2
Api security with o auth2
 
Container security
Container securityContainer security
Container security
 
V brownbag sept-14-2016
V brownbag sept-14-2016V brownbag sept-14-2016
V brownbag sept-14-2016
 
Getting over the barrier and start contributing to OpenStack
Getting over the barrier and start contributing to OpenStackGetting over the barrier and start contributing to OpenStack
Getting over the barrier and start contributing to OpenStack
 
Introduction to go
Introduction to goIntroduction to go
Introduction to go
 
Micro segmentation – a perfect fit for microservices
Micro segmentation – a perfect fit for microservicesMicro segmentation – a perfect fit for microservices
Micro segmentation – a perfect fit for microservices
 
An overview of OpenStack for the VMware community
An overview of OpenStack for the VMware communityAn overview of OpenStack for the VMware community
An overview of OpenStack for the VMware community
 
VXLAN in the contemporary data center
VXLAN in the contemporary data centerVXLAN in the contemporary data center
VXLAN in the contemporary data center
 
What a Beginner Should Know About OpenStack
What a Beginner Should Know About OpenStackWhat a Beginner Should Know About OpenStack
What a Beginner Should Know About OpenStack
 

Recently uploaded

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 

Recently uploaded (20)

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 

Understanding the container landscape and it associated projects

  • 1. Anthony Chow Twitter: @vCloudernBeer Blog: http://cloudn1n3.blogspot.com/ April 25, 2016 OpenStack Austin Summit vBrownBag TechTalk
  • 2.
  • 3.  Blog posts  Books  Ecosystem announcements  Webinar  Conferences  Local Meetups  Your boss wants to deploy container related technologies.  You want to get into this technology for more $$$$ or a “better” job.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.  FreeBSD Jails (back in 2000)  Imctfy (Google’s version of container)  LXC (technology that Docker build upon)  Docker: “Build Ship Run”
  • 9.  Namespaces  Current view of PID, network, IPC, MNT and UTS  Linux namespaces provides isolations for each container. Applications or process inside a container do not have access outside of the namespaces that the container is in.  Control groups/cgroups  Kernel function used to control access rights.  While namespaces provides access isolation, the control groups limits the hardware resources that the container can access. One example of control groups is to limit the memory available for the container for say 256 MBs.  AUFS  This is how containers are made to be light weighted. Linux kernel first mounts the root system read-only and then change to read-write. With the union mount, instead of changing from read-only to read-write, a read-write file system is layered on top of the read-only based Filesystem. Union mean to layer read-write with read-only layers.
  • 10.  Docker Client  Accept commands from the user and communicate with the server/daemon  Docker Server/Daemon  Building the Docker container from the images that are stored in the Docker Registry  Docker container  Base unit where the application runs on  Similar to a Virtual Machine  Default base moving from Ubuntu to Alpine for smaller footprint  Dockerfile  a configuration file with build instructions for Docker images  Docker image  Building block of container  Docker Registry  Location where the Docker images are stored  Public registry – access by everyone  Private registry – access by specific team or organization.
  • 11.  Docker Hub  Quay Container Registry  Amazon Container Registry  Google Container Registry
  • 12.  Container image format  Docker – appC  CoreOS – Rocker (rkt)
  • 13.  CoreOS  RacherOS  Ubuntu Snappy  Red Hat Atomic  VMware photon  Microsoft Nano Server
  • 14.  Open Container Initiative  OCI Runtime Specification  OCI Image Format Specification
  • 15.  Microservices  Container runs in groups and on distributed hosts as service  Containers “come and go”  Not practical to hardcode port number.  Distributed key-value store  Common tool for service discovery  Zookeeper  Etcd  Consul
  • 16.  Containers needs network traffic isolation for multi-tenants  Number of addressable end-point drastically increases  Immutable infrastructure – container is created and destroyed on different hosts constantly  Networking solutions for containers  Libnetwork (since rev 1.9)  Weave  Flannel (CoreOS)  IPvlan
  • 17.  A new security requirements created by container based infrastructure.  Docker container used to run as “root”  Common form of security solutions for containers:  Discretionary Access Control (DAS)  Seccomp  SELinux (Mandatory Access Control – MAC)  Microsegmentation solution from VMware and Cisco
  • 18.  Stateless container  Stateful container  Persistent Storage  Default: data reside inside the container  Docker Volume Driver (rev 1.8)  Convoy: a Docker storage driver  Flocker: container data volume manager
  • 19.  “To deploy container is one thing, architect a container solution is not so simple?  Common container orchestration tools:  Docker Swarm  Kubernetes  Apache Mesos  Redhat Atomic  CoreOS Fleet
  • 20.  Provides an Docker container orchestration platform using OpenStack as a infrastructure  Key concept: Container Orchestration Engine  Docker Swarm  Kubernetes  Apache Mesos  Able to interface with Docker client and Kubernetes client
  • 21.  “provides production-ready containers and deployment tools for operating OpenStack clouds that are scalable, fast, reliable, and upgradable using community best practices.” – OpenStack Wiki  running OpenStack service as a container
  • 22.  “bring containers and Docker networking specifically to use and leverage solutions and services in Neutron” – superuser.openstack.org  Kuryr is Czech for "courier."
  • 23.  “a distributed control plane implementation of Neutron” – superuser.openstack.org  Dragonflow is going to support use cases of nested containers inside a VM without the need to introduce another layer of overlay abstraction. We are going to support various different modes to deploy this and have full integration with project Kuryr.
  • 24.  Container technology is here to stay along with virtual machines  More and more OpenStack project is embracing this container technology to solve different problems.  We need to stay relevant and keep up with the container technology.  Get a clearer picture of the container landscape.
  • 25. Have a joyful and fruitful conference @vCloudernBeer